package com.cst.security.authentication;

import com.cst.security.baseUtils.properties.SecurityProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

@Configuration
@EnableAuthorizationServer
public class CstAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
	@Autowired
	protected AuthenticationSuccessHandler cstAuthenticationSuccessHandler;

	@Autowired
	protected AuthenticationFailureHandler cstAuthenticationFailureHandler;

	@Autowired
	private SecurityProperties securityProperties;

	@Override
	public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
		super.configure(security);
	}

	@Override
	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
		super.configure(clients);
		clients.inMemory()
				.withClient("clientId_1")
				.secret("clientSecret_1")
				.accessTokenValiditySeconds(3600)//令牌有效时间 60分
				.authorizedGrantTypes("password", "refresh_token")//是一个数组，针对这个应用的授权模式 一般有四种模式，也可以自定义模式 这里用password、refresh_token 模式
				.scopes("all", "read", "write")//是一个数组，自己发过来的权限一定要属于这三种之内才可以，没发过来走默认
				.authorities("client");
	}

	@Override
	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
		super.configure(endpoints);
	}
}
